package cn.tedu._08security.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/api/")
public class ResourceController {
    /**
     * 公开资源:不需要认证访问;
     * 测试: http://localhost:8080/api/public/hello
     */
    @GetMapping("public/hello")
    public String publicHello() {
        return "public hello";
    }

    /**
     * 私有资源:需要认证访问;
     */
    @PreAuthorize("hasAuthority('sys:private:view')")
    @GetMapping("private/hello")
    public String privateHello() {
        return "private hello";
    }
}
